OAuth 2.0 client for ACS

0
votes

We are developing mobile and web clients where we want to use Access Control Service (ACS) using OAuth 2.0 protocol. We want to make use of all 4 OAuth 2.0 flows for different types of client applications. Once the client applications receive access token from ACS, they can use it to make authenticated requests to our Web APIs.

Is there a .NET client library which provides support for interacting with ACS using OAuth 2.0 and

  • Supports all 4 OAuth 2.0 flows (Authorization Code Grant Flow, Implicit Grant Flow, Resource Owner Password Credentials Flow and Client Credentials Flow)

  • Has a built-in token cache

  • Supports usage of Refresh token and renews Access token using Refresh token automatically

  • Supports both native and web clients

ADAL.NET looked promising but has dropped the support for ACS.

1
azureoauth-2.0acsazure-active-directoryadal

1 Answers

1
votes

ADAL 1.0 is still supported and can interact with ACS, does have a cache and does use refresh tokens automatically... however it does not support all the flows you list, mostly because ACS does not support those either. In general, ACS has been in feature freeze for quite some time and the AD team has been explicit about Azure AD being the direction moving forward. If you are starting a new project, I would recommend considering AAD. HTH V.